/*     */ package com.zimbra.cs.security.sasl;
/*     */ 
/*     */ import com.zimbra.common.account.Key.AccountBy;
/*     */ import com.zimbra.common.service.ServiceException;
/*     */ import com.zimbra.common.util.Log;
/*     */ import com.zimbra.common.util.ZimbraLog;
/*     */ import com.zimbra.cs.account.AccessManager;
/*     */ import com.zimbra.cs.account.Account;
/*     */ import com.zimbra.cs.account.Provisioning;
/*     */ import com.zimbra.cs.account.auth.AuthContext.Protocol;
/*     */ import java.io.IOException;
/*     */ import java.io.InputStream;
/*     */ import java.io.OutputStream;
/*     */ import java.net.InetAddress;
/*     */ import java.util.Collection;
/*     */ import java.util.Collections;
/*     */ import java.util.LinkedHashMap;
/*     */ import java.util.Map;
/*     */ import javax.security.sasl.SaslServer;
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ public abstract class Authenticator
/*     */ {
/*  46 */   private static final Map<String, AuthenticatorFactory> mRegisteredMechanisms = new LinkedHashMap();
/*  47 */   private static Collection<String> mMechanismList = Collections.emptyList();
/*     */   protected final String mProtocol;
/*     */   
/*  50 */   static { registerMechanism("PLAIN", new AuthenticatorFactory()
/*     */     {
/*     */       public Authenticator getAuthenticator(AuthenticatorUser authUser) {
/*  53 */         return new PlainAuthenticator(authUser);
/*     */       }
/*  55 */     });
/*  56 */     registerMechanism("GSSAPI", new AuthenticatorFactory()
/*     */     {
/*     */       public Authenticator getAuthenticator(AuthenticatorUser authUser) {
/*  59 */         return new GssAuthenticator(authUser);
/*     */       }
/*  61 */     });
/*  62 */     registerMechanism("X-ZIMBRA", new AuthenticatorFactory()
/*     */     {
/*     */       public Authenticator getAuthenticator(AuthenticatorUser authUser) {
/*  65 */         return new ZimbraAuthenticator(authUser);
/*     */       }
/*     */     });
/*     */   }
/*     */   
/*     */   public static void registerMechanism(String mechanism, AuthenticatorFactory authFactory) {
/*  71 */     mRegisteredMechanisms.put(mechanism.toUpperCase(), authFactory);
/*  72 */     mMechanismList = Collections.unmodifiableCollection(mRegisteredMechanisms.keySet());
/*     */   }
/*     */   
/*     */   public static Authenticator getAuthenticator(String mechanism, AuthenticatorUser authUser) {
/*  76 */     AuthenticatorFactory authFactory = (AuthenticatorFactory)mRegisteredMechanisms.get(mechanism.toUpperCase());
/*  77 */     if (authFactory == null)
/*  78 */       return null;
/*  79 */     Authenticator auth = authFactory.getAuthenticator(authUser);
/*  80 */     return auth.isSupported() ? auth : null;
/*     */   }
/*     */   
/*     */   public static Collection<String> listMechanisms() {
/*  84 */     return mMechanismList;
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */   protected Authenticator(String mechanism, AuthenticatorUser authUser)
/*     */   {
/*  96 */     this.mProtocol = authUser.getProtocol();
/*  97 */     this.mMechanism = mechanism;
/*  98 */     this.mAuthUser = authUser;
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */ 
/*     */   protected final String mMechanism;
/*     */   
/*     */ 
/*     */ 
/*     */   protected final AuthenticatorUser mAuthUser;
/*     */   
/*     */ 
/*     */ 
/*     */   protected boolean mComplete;
/*     */   
/*     */ 
/*     */   protected boolean mAuthenticated;
/*     */   
/*     */ 
/*     */   protected InetAddress localAddress;
/*     */   
/*     */ 
/*     */   public void setLocalAddress(InetAddress addr)
/*     */   {
/* 123 */     this.localAddress = addr;
/*     */   }
/*     */   
/*     */   public boolean isComplete() {
/* 127 */     return this.mComplete;
/*     */   }
/*     */   
/*     */   public boolean isAuthenticated() {
/* 131 */     return this.mAuthenticated;
/*     */   }
/*     */   
/*     */   public String getProtocol() {
/* 135 */     return this.mProtocol;
/*     */   }
/*     */   
/*     */   public String getMechanism() {
/* 139 */     return this.mMechanism;
/*     */   }
/*     */   
/*     */   public AuthenticatorUser getAuthenticatorUser() {
/* 143 */     return this.mAuthUser;
/*     */   }
/*     */   
/*     */   public void sendSuccess() throws IOException {
/* 147 */     this.mAuthUser.sendSuccessful();
/*     */   }
/*     */   
/*     */   public void sendFailed() throws IOException {
/* 151 */     this.mAuthUser.sendFailed();
/* 152 */     this.mComplete = true;
/*     */   }
/*     */   
/*     */   public void sendFailed(String msg) throws IOException {
/* 156 */     this.mAuthUser.sendFailed(msg);
/*     */   }
/*     */   
/*     */   public void sendBadRequest() throws IOException {
/* 160 */     this.mAuthUser.sendBadRequest("malformed authentication request");
/* 161 */     this.mComplete = true;
/*     */   }
/*     */   
/*     */   protected void sendContinuation(String s) throws IOException {
/* 165 */     this.mAuthUser.sendContinuation(s);
/*     */   }
/*     */   
/*     */   protected Log getLog() {
/* 169 */     return this.mAuthUser.getLog();
/*     */   }
/*     */   
/*     */   protected boolean authenticate(String authorizationId, String authenticationId, String password) throws IOException
/*     */   {
/* 174 */     this.mAuthenticated = this.mAuthUser.authenticate(authorizationId, authenticationId, password, this);
/* 175 */     this.mComplete = true;
/* 176 */     return this.mAuthenticated;
/*     */   }
/*     */   
/*     */   protected Account authorize(Account authAccount, String username, boolean asAdmin) throws ServiceException {
/* 180 */     if ((username == null) || (username.length() == 0)) {
/* 181 */       return authAccount;
/*     */     }
/* 183 */     Provisioning prov = Provisioning.getInstance();
/* 184 */     Account userAcct = prov.get(Key.AccountBy.name, username);
/* 185 */     if (userAcct == null)
/*     */     {
/* 187 */       int i = username.indexOf('@');
/* 188 */       if (i != -1) {
/* 189 */         String domain = authAccount.getDomainName();
/* 190 */         if (domain != null) {
/* 191 */           username = username.substring(0, i) + '@' + domain;
/* 192 */           userAcct = prov.get(Key.AccountBy.name, username);
/*     */         }
/*     */       }
/*     */     }
/* 196 */     if (userAcct == null) {
/* 197 */       ZimbraLog.account.info("authorization failed for " + username + " (account not found)", new Object[] { username });
/* 198 */       return null;
/*     */     }
/*     */     
/*     */ 
/* 202 */     if ((!authAccount.getId().equals(userAcct.getId())) && (!AccessManager.getInstance().canAccessAccount(authAccount, userAcct, asAdmin))) {
/* 203 */       ZimbraLog.account.warn("authorization failed for " + username + " (authenticated user " + authAccount.getName() + " has insufficient rights)");
/* 204 */       return null;
/*     */     }
/* 206 */     return userAcct;
/*     */   }
/*     */   
/*     */   protected abstract boolean isSupported();
/*     */   
/*     */   public abstract boolean initialize()
/*     */     throws IOException;
/*     */   
/*     */   public abstract void handle(byte[] paramArrayOfByte)
/*     */     throws IOException;
/*     */   
/*     */   public abstract Account authenticate(String paramString1, String paramString2, String paramString3, AuthContext.Protocol paramProtocol, String paramString4, String paramString5, String paramString6)
/*     */     throws ServiceException;
/*     */   
/*     */   public abstract boolean isEncryptionEnabled();
/*     */   
/*     */   public abstract InputStream unwrap(InputStream paramInputStream);
/*     */   
/*     */   public abstract OutputStream wrap(OutputStream paramOutputStream);
/*     */   
/*     */   public abstract SaslServer getSaslServer();
/*     */   
/*     */   public abstract void dispose();
/*     */   
/*     */   static abstract interface AuthenticatorFactory
/*     */   {
/*     */     public abstract Authenticator getAuthenticator(AuthenticatorUser paramAuthenticatorUser);
/*     */   }
/*     */ }


/* Location:              /home/mint/zimbrastore.jar!/com/zimbra/cs/security/sasl/Authenticator.class
 * Java compiler version: 7 (51.0)
 * JD-Core Version:       0.7.1
 */